Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ab5500-f623-4a54-9ae2-ffe21ef98674/1/GqDsP0fZtuUK5Ry0DUp6bsn0iN4.roa
File: GqDsP0fZtuUK5Ry0DUp6bsn0iN4.roa (raw, json)
Hash identifier: ngjBl+2Ni+DAajJythObKXosVcIurEr1lHwupZEYHFk=
Subject key identifier: 1A:A0:EC:3F:47:D9:B6:E5:0A:E5:1C:B4:0D:4A:7A:6E:C9:F4:88:DE
Certificate issuer: /CN=eb23a5f47ec67e925a92491ab99b24ba371183f1
Certificate serial: 018799FB625E18B13E7CF126B6A4D4F6CC66
Authority key identifier: EB:23:A5:F4:7E:C6:7E:92:5A:92:49:1A:B9:9B:24:BA:37:11:83:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6yOl9H7GfpJakkkauZskujcRg_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ab5500-f623-4a54-9ae2-ffe21ef98674/1/GqDsP0fZtuUK5Ry0DUp6bsn0iN4.roa
Signing time: Wed 19 Apr 2023 14:46:41 +0000
ROA not before: Wed 19 Apr 2023 14:46:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6661
IP address blocks: 193.168.10.0/23 maxlen: 24
193.168.14.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:99:fb:62:5e:18:b1:3e:7c:f1:26:b6:a4:d4:f6:cc:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb23a5f47ec67e925a92491ab99b24ba371183f1
Validity
Not Before: Apr 19 14:46:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1aa0ec3f47d9b6e50ae51cb40d4a7a6ec9f488de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:76:4e:da:02:39:3c:44:2c:e9:3b:99:70:20:
05:3c:60:61:bf:4f:de:e2:29:3c:d9:d5:ec:cb:66:
47:a8:b1:4c:88:e2:a4:aa:7d:c0:f8:db:28:12:09:
fe:33:e9:a4:56:85:cf:d8:ee:ad:cf:b1:f9:d2:55:
fa:f3:d3:20:16:4a:96:14:55:83:79:cb:55:f9:36:
e1:de:3b:24:b1:5e:99:a6:07:34:7c:5f:b4:92:b3:
4f:e4:fe:d2:44:22:08:12:4c:e2:c8:14:0b:7e:0b:
dc:6e:01:00:65:ee:7c:b7:b9:90:3e:98:e2:90:82:
03:27:16:7b:f5:b0:90:37:d6:8d:56:ed:72:c8:50:
a3:2f:1b:bb:4b:20:32:1f:67:4b:39:e5:14:41:82:
1d:10:b0:ba:60:8a:d6:a5:26:b2:29:d8:0b:ab:52:
0f:5f:86:70:67:11:dd:eb:b6:fb:2c:de:8b:ff:01:
97:ee:c4:95:b6:88:70:a8:56:70:75:fa:53:e7:e7:
2d:ee:8d:00:16:82:31:09:09:f3:e7:3b:8c:0b:22:
8a:87:d9:90:7c:37:50:9f:95:57:38:29:7b:1c:54:
14:55:8d:b3:89:49:cf:c6:28:b2:06:cc:a3:9b:ed:
5c:bd:5a:f8:4a:bd:dd:f0:33:ae:de:75:bd:f2:59:
21:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:A0:EC:3F:47:D9:B6:E5:0A:E5:1C:B4:0D:4A:7A:6E:C9:F4:88:DE
X509v3 Authority Key Identifier:
keyid:EB:23:A5:F4:7E:C6:7E:92:5A:92:49:1A:B9:9B:24:BA:37:11:83:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yOl9H7GfpJakkkauZskujcRg_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ab5500-f623-4a54-9ae2-ffe21ef98674/1/GqDsP0fZtuUK5Ry0DUp6bsn0iN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ab5500-f623-4a54-9ae2-ffe21ef98674/1/6yOl9H7GfpJakkkauZskujcRg_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.10.0/23
193.168.14.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:7d:b4:4a:53:86:36:b0:90:a2:43:37:0a:ad:5e:09:4f:37:
8b:f5:65:1f:e9:51:0e:8d:de:2f:4b:03:c9:85:bb:a1:4c:75:
49:c8:d1:46:f2:84:ca:ba:25:80:7b:18:50:e1:98:ca:42:01:
bc:12:fd:62:38:d9:55:b2:60:b5:e4:b3:18:cd:76:9a:6c:76:
56:8a:11:ef:e6:49:d1:7e:fc:cb:d0:e0:56:74:6e:ae:20:a2:
4e:d4:08:92:a6:78:72:7d:9c:91:73:28:bf:04:29:44:7e:87:
57:84:a3:61:d5:5d:e0:c1:f4:e9:94:14:db:c9:f5:07:ce:b6:
ca:a9:96:9b:6d:3d:6c:a1:6d:4f:cc:6d:06:4c:eb:a6:01:78:
de:59:af:0e:45:6e:43:5f:94:e1:e5:83:fd:7a:c8:43:b7:41:
a7:e7:8d:e5:0b:01:a0:24:84:24:48:60:03:66:58:68:c5:11:
3c:bb:e9:17:a6:62:b4:c4:8d:5a:68:da:2b:42:74:c0:3e:48:
0a:12:3e:02:2a:17:fa:8c:d6:0e:b0:b8:eb:37:f7:5c:f4:f6:
76:e5:c3:34:30:b1:e1:9b:4b:07:92:f8:90:8d:90:0f:2c:43:
07:31:0e:c0:eb:97:a9:22:34:82:11:4f:eb:44:5d:f2:5c:6f:
d4:b0:9f:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeZ+2JeGLE+fPEmtqTU9sxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMjNhNWY0N2VjNjdlOTI1YTkyNDkxYWI5OWIyNGJhMzcx
MTgzZjEwHhcNMjMwNDE5MTQ0NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWEwZWMzZjQ3ZDliNmU1MGFlNTFjYjQwZDRhN2E2ZWM5ZjQ4OGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3ZO2gI5PEQs6TuZcCAFPGBhv0/e
4ik82dXsy2ZHqLFMiOKkqn3A+NsoEgn+M+mkVoXP2O6tz7H50lX689MgFkqWFFWD
ectV+Tbh3jsksV6Zpgc0fF+0krNP5P7SRCIIEkziyBQLfgvcbgEAZe58t7mQPpji
kIIDJxZ79bCQN9aNVu1yyFCjLxu7SyAyH2dLOeUUQYIdELC6YIrWpSayKdgLq1IP
X4ZwZxHd67b7LN6L/wGX7sSVtohwqFZwdfpT5+ct7o0AFoIxCQnz5zuMCyKKh9mQ
fDdQn5VXOCl7HFQUVY2ziUnPxiiyBsyjm+1cvVr4Sr3d8DOu3nW98lkh7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBqg7D9H2bblCuUctA1Kem7J9IjeMB8GA1UdIwQY
MBaAFOsjpfR+xn6SWpJJGrmbJLo3EYPxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnlPbDlIN0dmcEpha2trYXVac2t1amNSZ19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hYjU1MDAtZjYyMy00YTU0LTlhZTIt
ZmZlMjFlZjk4Njc0LzEvR3FEc1AwZlp0dVVLNVJ5MERVcDZic24waU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hYjU1MDAtZjYyMy00YTU0LTlhZTItZmZlMjFlZjk4Njc0
LzEvNnlPbDlIN0dmcEpha2trYXVac2t1amNSZ19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwagKAwQB
wagOMA0GCSqGSIb3DQEBCwUAA4IBAQCtfbRKU4Y2sJCiQzcKrV4JTzeL9WUf6VEO
jd4vSwPJhbuhTHVJyNFG8oTKuiWAexhQ4ZjKQgG8Ev1iONlVsmC15LMYzXaabHZW
ihHv5knRfvzL0OBWdG6uIKJO1AiSpnhyfZyRcyi/BClEfodXhKNh1V3gwfTplBTb
yfUHzrbKqZabbT1soW1PzG0GTOumAXjeWa8ORW5DX5Th5YP9eshDt0Gn543lCwGg
JIQkSGADZlhoxRE8u+kXpmK0xI1aaNorQnTAPkgKEj4CKhf6jNYOsLjrN/dc9PZ2
5cM0MLHhm0sHkviQjZAPLEMHMQ7A65epIjSCEU/rRF3yXG/UsJ8F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:51 2024 by rpki-client on console-ams.rpki-client.org